Flash dropping session cookies

If you have ever used SWFupload with PHP application using session authentication you could run into similar problem.

SWFUpload is a small JavaScript/Flash library to get the best of both worlds. It features the great upload capabilities of Flash and the accessibility and ease of HTML/CSS.
 

Your users are able to upload multiple files using flash uploader after they log into your website. While their browser have no problem with cookie / session handling, flash application ignores session id and in the result, instead of typical ajax result – your reply from server will contain a page with a login form.

This is a very old bug(?), reported back in 2007 (or even before), still available in newest flash player.

Bug affects following browsers / versions:

  • Firefox / Opera / Chrome
  • Flash player 9
  • SWFUpload v2.2.0.1
I have no information on other versions but it seems like bug affects every non-IE browser and every flash player version

There are few workarounds out there, according to Evert Pot and his blog.

In case you are working on a bigger project, where you cannot simply override authorisation I suggest simply upgrading SWFUpload to SWFUpload v2.5.0 Beta 3 – it should do the trick, but beware that it is still beta, unstable version!

I’ve spent too much time to debug this, so for all of you going the same way – please follow my guidelines so you can spend additional hours with your family.

Leave a Reply

Your email address will not be published. Required fields are marked *